The pandemic has redefined what it means to be a resilient business, especially when it comes to retail. “Essential” businesses that have remained open, such as supermarkets or pharmacies, have had to figure out how to operate safely in this new world. No matter the type of retailer, the importance of cybersecurity hasn’t gone away. If anything, it becomes more important as a cyber disruption could be the fatal final straw for a business looking for a smooth return to operations and maintain its brand image and reputation.

We talk to David “moose” Wolpoff, Chief Technology Officer (CTO) and co-founder of Randori, about Black Hats’ processes for finding and exploiting weaknesses in software.

In late February 2020, news broke in the United States that the once faraway threat of a “novel coronavirus” had spread to U.S. soil. As COVID-19 case numbers in major cities grew, stay-at-home orders were put in place, businesses closed, restaurants shifted to take-out only, and retailers adopted curbside service. All of this took place to slow the spread of COVID-19.  Meanwhile, however, hospitals remained open — accepting new patients at the direction of the U.S. Center for Disease Control and Prevention (CDC) and working diligently to adhere to new safety guidelines. During virus, or any pandemic outbreaks, we are acutely reminded of our essential frontline healthcare workers, the critical need to enhance their overall safety, security, and to be as efficient as possible when communicating vital information.

Integrated into one of the most complex industries, blockchain technology can help legislation catch up with the exciting developments in cannabis medicine. At the same time, implementing blockchain in pharmacies can help provide patients with a wider variety of treatment options. In a fast-paced industry, where innovation drives growth, blockchain is the next step in encouraging access and security for cannabinoid-based medicine.

The coronavirus pandemic has triggered an unprecedented chain reaction of border closures around the world. This truly is an extraordinary situation, and many countries have also grappled with lack of information, resources and coordination between relevant agents and authorities. These operational issues have raised questions globally about whether border controls are effective in containing such outbreaks, how prepared border agencies were for the emergency and what this will mean for border management in a post-pandemic world. 

I was chatting with a chief information security officer (CISO) recently, and we started talking about motivation and the role of love and hate in driving ourselves towards our goals. In cybersecurity, we tend to think about external opponents, most notably white hats vs. black hats, but rarely discuss the internal factors that guide our day-to-day decisions. Humans are dynamic beings that aren’t driven solely by love or hate (despite what the chatter on social media may have you believe). We do, however, have predilections based on our personalities and environment. How we choose to deal with those influences shapes who we become. A good strategy is a combination of love and hate where organizations work towards a grand vision of their future while eliminating things they hate one after the other.

In 2019, Business Email Compromise (BEC) attacks – a long-standing cybersecurity threat – accounted for $1.7 billion in losses, with cybercriminals using new tactics and techniques to carry out existing attacks. As cybercrime spikes in the wake of COVID-19, BEC’s toll is expected to rise this year. The Federal Bureau of Investigation (FBI) recently issued a warning to businesses on the growing threat of BEC attacks using the pandemic as a backdrop for unusual requests like payments to a “new” vendor or a change of account information.

Application programming interfaces (APIs) make everything a bit easier - from data sharing to system connectivity to delivery of critical features and functionality - but they also make it much easier for the bad actors (and the bad bots they deploy). Here are the top 5 API vulnerabilities that get exploited by hackers, including some tips to help close those gaps.